CVE-2023-3354
Improper i/o watch removal in tls handshake can lead to remote unauthenticated denial of service
CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th
A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service.
| CWE | CWE-476 |
| Vendor | n/a |
| Product | qemu |
| Published | Jul 11, 2023 |
| Last Updated | Feb 13, 2025 |
Stay Ahead of the Next One
Get instant alerts for n/a qemu
Be the first to know when new high vulnerabilities affecting n/a qemu are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Affected Versions
n/a / qemu
All versions affected Red Hat / Red Hat Enterprise Linux 6
All versions affected Red Hat / Red Hat Enterprise Linux 7
All versions affected Red Hat / Red Hat Enterprise Linux 7
All versions affected Red Hat / Red Hat Enterprise Linux 8
All versions affected Red Hat / Red Hat Enterprise Linux 8 Advanced Virtualization
All versions affected Red Hat / Red Hat Enterprise Linux 9
All versions affected Red Hat / Red Hat OpenStack Platform 13 (Queens)
All versions affected Fedora / Fedora
All versions affected Fedora / Extra Packages for Enterprise Linux
All versions affected References
access.redhat.com: https://access.redhat.com/security/cve/CVE-2023-3354 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2216478 lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/[email protected]/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R/ lists.debian.org: https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html
Credits
Red Hat would like to thank jiangyegen (Huawei Vulnerability Management Center) and yexiao7 (Huawei Vulnerability Management Center) for reporting this issue.